Monitoring Splunk

ta-postgres Authentication issue

marcoscala
Builder

hi!
I'm trying to monitor a Postgres DB using the ta-postgres TA.

I have an authentication issue: the DBA created a user "splunk" and provided me with the password. I have tried the following configuration options in ta-postgres/local/postgrestats.conf:

Option 1.
[default]
defaultdb =
host = host.domain
port = 5432
user = splunk
password = {md5}splunk83fef3dd6477

Option 2.
[default]
defaultdb =
host = host.domain
port = 5432
user = splunk
password = md5bacb6374010b3f7af42dc7a670da9db4
(md5 coded password from the postgres db)

In both cases I get the following error message on the DB in the "postgresql*.log :
UTC FATAL: password authentication failed for user "splunk"

Thanks for support!!!

Tags (1)
0 Karma
1 Solution

marcoscala
Builder

Actually, digging in the code of the ta, we found that the bin/postgrestats.py uses the connect method from psycopg2:

psycopg2.connect(connect_string(defaultdb, dbhost, dbport, dbuser, dbpassword))

Cheching online it looks like the dbpassword must be passed NOT MD5ed...

so the working final config for me was:

password = splunk83fef3dd6477

with the password in clear!!!

Hope this will help!!!

View solution in original post

0 Karma

marcoscala
Builder

Actually, digging in the code of the ta, we found that the bin/postgrestats.py uses the connect method from psycopg2:

psycopg2.connect(connect_string(defaultdb, dbhost, dbport, dbuser, dbpassword))

Cheching online it looks like the dbpassword must be passed NOT MD5ed...

so the working final config for me was:

password = splunk83fef3dd6477

with the password in clear!!!

Hope this will help!!!

0 Karma

marcoscala
Builder

Here is the source of our findings:

https://wiki.postgresql.org/wiki/Psycopg2_Tutorial

0 Karma
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...